网络与信息安全学报 (Feb 2022)

Research review of network defense decision-making methods based on attack and defense game

  • LIU Xiaohu, ZHANG Hengwei, MA Junqiang, ZHANG Yuchen, TAN Jinglei

DOI
https://doi.org/10.11959/j.issn.2096−109x.2021089
Journal volume & issue
Vol. 8, no. 1
pp. 1 – 14

Abstract

Read online

Game theory studies the optimal decision-making problem under the condition of conflict confrontation. It is one of the basic theories of cyberspace security, and can provide a theoretical basis for solving the problem of network defense decision-making. The six game characteristics of network attack and defense were defined, such as goal opposition, strategy dependence, non-cooperative relationship, incomplete information, dynamic evolution and interest drive. Based on the hypothesis of rational player and limited resources, a 5-tuple network attack and defense game model was formally defined by using player, attack and defense strategy set, attack and defense action set, attack and defense information set and attack and defense income. The existing conditions of game equilibrium were analyzed, and the general process of network defense decision-making based on attack and defense game model was summarized. The applicable scenarios of network defense decision-making methods based on eight different types of game models were analyzed, such as complete information static game, complete information dynamic game, incomplete information static game, incomplete information dynamic game, evolutionary game, differential game, time game and random game, and summarizes their research ideas. The advantages and disadvantages of network defense decision-making methods based on different types of game models were given. The development process of network defense decision-making method based on attack defense game was summarized, and the advantages and characteristics of defense decision-making method was explained. It were pointed out that there were three problems in the research process, such as the relationship between the number of factors considered in game modeling and the complexity of the model, the dependence of game reasoning on information and data, and the generalization and migration of game model. It also looked forward to the next research direction from the description mechanism of normative strategy, the calculation method of optimizing revenue and the integration with other network security technologies. And the problems that should be solved were explained.

Keywords